}
boolean foundValidSignature;
try {
stream.initVerify();
stream.updateVerify(data.duplicate());
foundValidSignature = stream.verify(signature.duplicate());
VERIFY_CACHE.put(key, stream);
} catch (KeyczarException e) {
// Crypto library can throw errors for invalid keys
// this allows the verifier to continue trying other keys
foundValidSignature = false;